Staff View
Working Set-Based Access Control for Network File Systems

Descriptive

Language
LanguageTerm (authority = ISO 639-3:2007); (type = text)
English
Genre (authority = RULIB-FS)
Other
Genre (authority = marcgt)
technical report
PhysicalDescription
InternetMediaType
application/pdf
Extent
19 p.
Note (type = special display note)
Technical report DCS-TR-643
Name (authority = RutgersOrg-School); (type = corporate)
NamePart
School of Arts and Sciences (SAS) (New Brunswick)
Name (authority = RutgersOrg-Department); (type = corporate)
NamePart
Computer Science (New Brunswick)
TypeOfResource
Text
Name (type = personal)
NamePart (type = family)
Smaldone
NamePart (type = given)
Stephen
Affiliation
Computer Science (New Brunswick)
Role
RoleTerm (authority = marcrt); (type = text)
author
Name (type = personal)
NamePart (type = family)
Ganapathy
NamePart (type = given)
Vinod
Affiliation
Computer Science (New Brunswick)
Role
RoleTerm (authority = marcrt); (type = text)
author
Name (type = personal)
NamePart (type = family)
Iftode
NamePart (type = given)
Liviu
Affiliation
Computer Science (New Brunswick)
Role
RoleTerm (authority = marcrt); (type = text)
author
OriginInfo
DateCreated (encoding = w3cdtf); (keyDate = yes); (qualifier = exact)
2008-11
Abstract (type = abstract)
Securing access to files is an important and growing concern in corporate environments. Employees are increasingly accessing files from untrusted devices, including personal home computers and mobile devices, such as smart phones, that are not under the control of the corporation, and may be infected with viruses, worms, and other malware. In such cases, it is crucial to protect the confidentiality and integrity of corporate data from malicious accesses. Existing tools available to network administrators are either too permissive or too restrictive in allowing file access from untrusted devices. This paper proposes a novel scheme called Working Set-Based Access Control (WSBAC) to restrict network file system accesses from untrusted devices. The key idea is to continuously observe and extract working sets for users when they access files from trusted devices. These working sets are used to restrict file accesses when users connect from untrusted devices. This paper reports on the design and implementation of tools to automatically extract working sets, and transparently enforce WSBAC without requiring changes to the file system. Our experiments with realistic network file system traces lead us to conclude that using working sets offers a flexible yet secure way to restrict access from untrusted devices, and that the runtime overheads of WSBAC enforcement are negligible.
TitleInfo
Title
Working Set-Based Access Control for Network File Systems
RelatedItem (type = host)
TitleInfo
Title
Computer Science (New Brunswick)
Identifier (type = local)
rucore21032500001
Location
PhysicalLocation (authority = marcorg); (displayLabel = Rutgers, The State University of New Jersey)
NjNbRU
Identifier (type = doi)
doi:10.7282/T3BR8WK6
Genre (authority = ExL-Esploro)
Technical Documentation
Back to the top

Rights

RightsDeclaration (AUTHORITY = rightsstatements.org); (TYPE = IN COPYRIGHT); (ID = http://rightsstatements.org/vocab/InC/1.0/)
This Item is protected by copyright and/or related rights.You are free to use this Item in any way that is permitted by the copyright and related rights legislation that applies to your use.For other uses you need to obtain permission from the rights-holder(s).
Copyright
Status
Copyright protected
Availability
Status
Open
Reason
Permission or license
Back to the top

Technical

RULTechMD (ID = TECHNICAL1)
ContentModel
Document
CreatingApplication
Version
1.4
ApplicationName
pdfTeX-1.40.3
DateCreated (point = end); (encoding = w3cdtf); (qualifier = exact)
2008-11-05T17:40:02
DateCreated (point = end); (encoding = w3cdtf); (qualifier = exact)
2008-11-05T17:40:02
Back to the top
Version 8.3.13
Rutgers University Libraries - Copyright ©2020